Why Canadians Should Look Outside of IT for Top Cybersecurity Talent

Employment Opportunities With a shortage of talent in Canada, organizations looking for cybersecurity experts will have to look further than hiring IT grads.

0

shares //

share this page

0

0

0

0

0

Steve Rampado

Partner, Risk Advisory, Deloitte

Marc MacKinnon

Partner & Canadian Cyber Strategy Leader, Deloitte

As cybersecurity challenges continue to overwhelm the private and public sectors, Canada’s talent shortage is pushing organizations to devote greater resources to hiring the right fit.
Demand for cyber talent is reportedly growing at an annual rate of seven percent in Canada, according to Deloitte’s The changing faces of cybersecurity report, which reveals hiring pain points experienced by Canadian executives. With an estimated 8,000 jobs to fill by 2021, future cybersecurity roles may not be entirely technical in nature. Your team’s assessment of the right candidate requires more than functional tests.

“The increase in cybercrime highlights the need for companies to bring in the right staff and train them in evolving cybersecurity tools and techniques,” says Steve Rampado, Partner in the Risk Advisory practice at Deloitte Canada.

“Organizations need to pivot and look beyond just IT grads as potential candidates for roles in cybersecurity,” says Rampado. “We’re really looking at people coming from different risk backgrounds and business experiences that can transition into the cyber field. Gone are the days of isolated experts solving problems with knowledge and skill sets that others don’t have.”

This is a human-centric framework, a method that hones in on the unique cybersecurity personas that can contribute to the business while supporting non-tech executives in the hiring process.

Finding the right persona

“Part of this approach refers to how diverse capabilities and skills support a robust strategy — a change that is quickly becoming the norm,” Rampado adds. “For example, someone with network experience may also understand identity, how an application works, and the intricacies of the business process.”

“Some companies recognize that if they train their existing IT staff better — by making them better coders and developers for security, for instance — it helps from a security perspective,” says Marc MacKinnon, Partner and Canadian Cyber Strategy Leader at Deloitte. “Organizations understand some of the skill sets, so they can go out and attract the right people, but they can also develop retention programs that relay back to those capabilities and motivating factors for those individuals.”

“A single person may not fall squarely into one persona,” he says. “The firefighter acts as the defender to put out a proverbial fire but may also have transferable skills similar to those of a cyber strategist. Strategists may even transition to sleuths over time to provide forensic analysis.”

“There are a lot of vacant positions that companies need to hire for, but the companies often haven’t actually done the work of identifying who they need to hire,” MacKinnon continues. “Mature organizations recognize that cybersecurity is something they have to manage, but if they don’t understand the risk posed to the business, they won’t be able to manage it appropriately.”

It’s crucial for executives to take the time to develop a hiring strategy that will equip their organization with the right talent.